allow the user to login but do not allow upload and show error message on the web
This commit is contained in:
parent
2e3bfdb12c
commit
e9d1ea712c
|
@ -28,9 +28,10 @@ if (OCP\User::isLoggedIn()) {
|
||||||
$view = new OC_FilesystemView('/');
|
$view = new OC_FilesystemView('/');
|
||||||
$session = new \OCA\Encryption\Session($view);
|
$session = new \OCA\Encryption\Session($view);
|
||||||
|
|
||||||
|
$user = \OCP\USER::getUser();
|
||||||
// check if user has a private key
|
// check if user has a private key
|
||||||
if (
|
if (
|
||||||
!$session->getPrivateKey(\OCP\USER::getUser())
|
!$view->file_exists('/' . $user . '/files_encryption/' . $user . '.private.key')
|
||||||
&& OCA\Encryption\Crypt::mode() === 'server'
|
&& OCA\Encryption\Crypt::mode() === 'server'
|
||||||
) {
|
) {
|
||||||
|
|
||||||
|
|
|
@ -62,13 +62,13 @@ class Hooks {
|
||||||
if(is_resource($res)) {
|
if(is_resource($res)) {
|
||||||
$sslInfo = openssl_pkey_get_details($res);
|
$sslInfo = openssl_pkey_get_details($res);
|
||||||
if(!isset($sslInfo['key'])) {
|
if(!isset($sslInfo['key'])) {
|
||||||
$privateKey = null;
|
$privateKey = false;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$privateKey = null;
|
$privateKey = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($privateKey === null) {
|
if($privateKey === false) {
|
||||||
\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $params['uid'] . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR);
|
\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $params['uid'] . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -236,7 +236,11 @@ class Stream {
|
||||||
// if there is no valid private key return false
|
// if there is no valid private key return false
|
||||||
if($privateKey === false) {
|
if($privateKey === false) {
|
||||||
|
|
||||||
\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR);
|
if(\OC_Util::isCallRegistered()) {
|
||||||
|
$l = \OC_L10N::get('core');
|
||||||
|
\OCP\JSON::error(array('data' => array('message' => $l->t('Private key is not valid! Maybe the user password was changed from outside if so please change it back to gain access'))));
|
||||||
|
throw new \Exception('Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access');
|
||||||
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -433,6 +437,22 @@ class Stream {
|
||||||
|
|
||||||
$this->flush();
|
$this->flush();
|
||||||
|
|
||||||
|
$view = new \OC_FilesystemView('/');
|
||||||
|
$session = new \OCA\Encryption\Session( $this->rootView );
|
||||||
|
$privateKey = $session->getPrivateKey($this->userId);
|
||||||
|
|
||||||
|
// if there is no valid private key return false
|
||||||
|
if($privateKey === false) {
|
||||||
|
|
||||||
|
if(\OC_Util::isCallRegistered()) {
|
||||||
|
$l = \OC_L10N::get('core');
|
||||||
|
\OCP\JSON::error(array('data' => array('message' => $l->t('Private key is not valid! Maybe the user password was changed from outside if so please change it back to gain access'))));
|
||||||
|
throw new \Exception('Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access');
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
if (
|
if (
|
||||||
$this->meta['mode'] !== 'r'
|
$this->meta['mode'] !== 'r'
|
||||||
and $this->meta['mode'] !== 'rb'
|
and $this->meta['mode'] !== 'rb'
|
||||||
|
@ -459,8 +479,6 @@ class Stream {
|
||||||
// Encrypt enc key for all sharing users
|
// Encrypt enc key for all sharing users
|
||||||
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
|
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
|
||||||
|
|
||||||
$view = new \OC_FilesystemView('/');
|
|
||||||
|
|
||||||
// Save the new encrypted file key
|
// Save the new encrypted file key
|
||||||
Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);
|
Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue